Merge branch '1648-remove-git-annex-support' into 'master'

Remove git annex support See merge request !122

Merge branch '1648-remove-git-annex-support' into 'master'
Remove git annex support See merge request !122
199e2d62 · Rémy Coutable · a6e5b9a1 · 416c7a89 · 199e2d62 · 199e2d62
Commit 199e2d62 authored Mar 06, 2017 by Rémy Coutable
9 changed files
--- a/.gitignore
+++ b/.gitignore
 config.yml
 tmp/*
+.idea
 *.log
 /*.log*
 authorized_keys.lock

--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,8 +2,8 @@ image: "ruby:2.3"
 before_script:
  - export PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
-  - apt-get update
+  - apt update
-  - apt-get install -y git-annex
+  - apt install rsync -y
  - gem install --bindir /usr/local/bin bundler
  - cp config.yml.example config.yml
  - bundle install

--- a/CHANGELOG
+++ b/CHANGELOG
+v5.0.0
+  - Remove support for git-annex
 v4.1.1
  - Send (a selection of) git environment variables while making the API call to `/allowed`, !112

--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ GitLab Shell is not a Unix shell nor a replacement for Bash or Zsh.
 When you access the GitLab server over ssh then GitLab Shell will:
-1. Limits you to predefined git commands (git push, git pull, git annex).
+1. Limits you to predefined git commands (git push, git pull).
 1. Call the GitLab Rails API to check if you are authorized
 1. It will execute the pre-receive hooks (called Git Hooks in GitLab Enterprise Edition)
 1. It will execute the action you requested

--- a/VERSION
+++ b/VERSION
-4.1.1
+5.0.0
--- a/config.yml.example
+++ b/config.yml.example
@@ -65,14 +65,6 @@ log_level: INFO
 # incurs an extra API call on every gitlab-shell command.
 audit_usernames: false
-# Enable git-annex support
-# git-annex allows managing files with git, without checking the file contents into git
-# See https://git-annex.branchable.com/ for documentation
-# If enabled, git-annex needs to be installed on the server where gitlab-shell is setup
-# For Debian and Ubuntu systems this can be done with: sudo apt-get install git-annex
-# For CentOS: sudo yum install epel-release && sudo yum install git-annex
-git_annex_enabled: false
 # Git trace log file.
 # If set, git commands receive GIT_TRACE* environment variables
 # See https://git-scm.com/book/es/v2/Git-Internals-Environment-Variables#Debugging for documentation

--- a/lib/gitlab_config.rb
+++ b/lib/gitlab_config.rb
@@ -54,10 +54,6 @@ class GitlabConfig
    @config['audit_usernames'] ||= false
  end
-  def git_annex_enabled?
-    @config['git_annex_enabled'] ||= false
-  end
  def git_trace_log_file
    @config['git_trace_log_file']
  end

--- a/lib/gitlab_shell.rb
+++ b/lib/gitlab_shell.rb
@@ -9,7 +9,7 @@ class GitlabShell
  class DisallowedCommandError < StandardError; end
  class InvalidRepositoryPathError < StandardError; end
-  GIT_COMMANDS = %w(git-upload-pack git-receive-pack git-upload-archive git-annex-shell git-lfs-authenticate).freeze
+  GIT_COMMANDS = %w(git-upload-pack git-receive-pack git-upload-archive git-lfs-authenticate).freeze
  API_COMMANDS = %w(2fa_recovery_codes)
  GL_PROTOCOL = 'ssh'.freeze
@@ -71,10 +71,6 @@ class GitlabShell
    raise DisallowedCommandError unless GIT_COMMANDS.include?(@command)
    case @command
-    when 'git-annex-shell'
-      raise DisallowedCommandError unless @config.git_annex_enabled?
-      @repo_name = args[2].sub(/\A\/~\//, '')
    when 'git-lfs-authenticate'
      raise DisallowedCommandError unless args.count >= 2
      @repo_name = args[1]
@@ -103,25 +99,7 @@ class GitlabShell
  def process_cmd(args)
    return self.send("api_#{@command}") if API_COMMANDS.include?(@command)
-    if @command == 'git-annex-shell'
+    if @command == 'git-lfs-authenticate'
-      raise DisallowedCommandError unless @config.git_annex_enabled?
-      # Make sure repository has git-annex enabled
-      init_git_annex unless gcryptsetup?(args)
-      parsed_args =
-        args.map do |arg|
-          # use full repo path
-          if arg =~ /\A\/.*\.git\Z/
-            repo_path
-          else
-            arg
-          end
-        end
-      $logger.info "gitlab-shell: executing git-annex command <#{parsed_args.join(' ')}> for #{log_username}."
-      exec_cmd(*parsed_args)
-    elsif @command == 'git-lfs-authenticate'
      GitlabMetrics.measure('lfs-authenticate') do
        $logger.info "gitlab-shell: Processing LFS authentication for #{log_username}."
        lfs_authenticate
@@ -150,10 +128,6 @@ class GitlabShell
      'GL_PROTOCOL' => GL_PROTOCOL
    }
-    if @config.git_annex_enabled?
-      env.merge!({ 'GIT_ANNEX_SHELL_LIMITED' => '1' })
-    end
    if git_trace_available?
      env.merge!({
        'GIT_TRACE' => @config.git_trace_log_file,
@@ -188,19 +162,6 @@ class GitlabShell
    @config.audit_usernames ? username : "user with key #{@key_id}"
  end
-  def init_git_annex
-    unless File.exists?(File.join(repo_path, 'annex'))
-      cmd = %W(git --git-dir=#{repo_path} annex init "GitLab")
-      system(*cmd, err: '/dev/null', out: '/dev/null')
-      $logger.info "Enable git-annex for repository: #{repo_name}."
-    end
-  end
-  def gcryptsetup?(args)
-    non_dashed = args.reject { |a| a.start_with?('-') }
-    non_dashed[0, 2] == %w{git-annex-shell gcryptsetup}
-  end
  def lfs_authenticate
    lfs_access = api.lfs_authenticate(@key_id, @repo_name)

--- a/spec/gitlab_shell_spec.rb
+++ b/spec/gitlab_shell_spec.rb
@@ -99,20 +99,6 @@ describe GitlabShell do
      end
    end
-    describe 'git-annex' do
-      let(:repo_name) { 'dzaporozhets/gitlab.git' }
-      let(:ssh_args) { %W(git-annex-shell inannex /~/dzaporozhets/gitlab.git SHA256E) }
-      before do
-        GitlabConfig.any_instance.stub(git_annex_enabled?: true)
-        subject.send :parse_cmd, ssh_args
-      end
-      its(:repo_name) { should == 'dzaporozhets/gitlab.git' }
-      its(:command) { should == 'git-annex-shell' }
-    end
    describe 'git-lfs' do
      let(:repo_name) { 'dzaporozhets/gitlab.git' }
      let(:ssh_args) { %W(git-lfs-authenticate dzaporozhets/gitlab.git download) }
@@ -230,58 +216,6 @@ describe GitlabShell do
      end
    end
-    describe 'git-annex' do
-      let(:repo_name) { 'dzaporozhets/gitlab.git' }
-      before do
-        GitlabConfig.any_instance.stub(git_annex_enabled?: true)
-      end
-      context 'initialization' do
-        let(:ssh_cmd) { "git-annex-shell inannex /~/gitlab-ci.git SHA256E" }
-        before do
-          # Create existing project
-          FileUtils.mkdir_p(repo_path)
-          cmd = %W(git --git-dir=#{repo_path} init --bare)
-          system(*cmd)
-          subject.exec(ssh_cmd)
-        end
-        it 'should init git-annex' do
-          File.exists?(repo_path).should be_true
-        end
-        context 'with git-annex-shell gcryptsetup' do
-          let(:ssh_cmd) { "git-annex-shell gcryptsetup /~/dzaporozhets/gitlab.git" }
-          it 'should not init git-annex' do
-            File.exists?(File.join(tmp_repos_path, 'dzaporozhets/gitlab.git/annex')).should be_false
-          end
-        end
-        context 'with git-annex and relative path without ~/' do
-          # Using a SSH URL on a custom port will generate /dzaporozhets/gitlab.git
-          let(:ssh_cmd) { "git-annex-shell inannex dzaporozhets/gitlab.git SHA256E" }
-          it 'should init git-annex' do
-            File.exists?(File.join(tmp_repos_path, "dzaporozhets/gitlab.git/annex")).should be_true
-          end
-        end
-      end
-      context 'execution' do
-        let(:ssh_cmd) { "git-annex-shell commit /~/gitlab-ci.git SHA256" }
-        after { subject.exec(ssh_cmd) }
-        it "should execute the command" do
-          subject.should_receive(:exec_cmd).with("git-annex-shell", "commit", repo_path, "SHA256")
-        end
-      end
-    end
    context 'with an API command' do
      before do
        allow(subject).to receive(:continue?).and_return(true)